Date: Thu, 9 Feb 2006 20:25:15 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 91461 for review Message-ID: <200602092025.k19KPF79031512@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=91461 Change 91461 by millert@millert_ibook on 2006/02/09 20:25:08 Add missing (c) notice Factor out code to load the migscs file into its own function for the new syscall. Add some missing error checks Affected files ... .. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/mach_av.c#9 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/ss/mach_av.c#9 (text+ko) ==== @@ -1,5 +1,31 @@ +/*- + * Copyright (c) 2005 SPARTA, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ #include <mach/message.h> +#include <kern/lock.h> #include <sedarwin/linux-compat.h> #include <sedarwin/flask.h> #include <sedarwin/ss/hashtab.h> @@ -22,37 +48,41 @@ { int baseid; int nclasses; - int classes[0]; + int classes[0]; /* actually larger */ }; static struct hashtab *msgid2class; -void sebsd_mach_av_init() +static mutex_t *migscs_load_lock; + +/* + * Read the table mapping mach message ids to security classes. + * The permissions in those classes are expected to be relative to the + * base message id defined for a subsystem (which is in this table). + */ +int +sebsd_load_migscs(void *tdata, size_t tsize) { - /* Read the table mapping mach message ids to security classes. - The permissions in those classes are expected to be relative to the - base message id defined for a subsystem (which is in this table). */ + struct hashtab *ht, *oht; + int error, *p, *ep; - size_t tsize; - int *tdata; - if (!preload_find_data ("sebsd_migscs", &tsize, &tdata)) { - msgid2class = hashtab_create(msgid_hash, msgid_cmp, 3); - return; - } + ht = hashtab_create(msgid_hash, msgid_cmp, 31337); + if (ht == NULL) + return (-1); - msgid2class = hashtab_create(msgid_hash, msgid_cmp, 31337); + printf("security class to subsystem table: %d classes\n", + tsize / sizeof(int)); - tsize /= sizeof(int); - int *p = tdata; - - while (p < tdata+tsize) { + p = (int *)tdata; + ep = (int *)((char *)tdata + tsize); + while (p < ep) { int msgid = *p++; int nclasses = *p++; int size = *p++; int i; + struct msgid_classinfo *c; - struct msgid_classinfo *c = sebsd_malloc - (sizeof(int) * nclasses + sizeof(struct msgid_classinfo), M_WAITOK); + c = sebsd_malloc(sizeof(int) * nclasses + sizeof(*c), M_WAITOK); c->baseid = msgid; c->nclasses = nclasses; for (i = 0; i < nclasses; i++) @@ -60,11 +90,43 @@ for (i = msgid; i < msgid + size; i++) { int *ip = sebsd_malloc(sizeof(int), M_WAITOK); *ip = i; - hashtab_insert(msgid2class, ip, c); + error = hashtab_insert(ht, ip, c); + if (error) { + hashtab_destroy(ht); + return (-1); + } } } + + /* + * Swap the old message id to class mapping with the new one + * and free the old. + * XXX - does this leak memory? + */ + mutex_lock(migscs_load_lock); + oht = msgid2class; + msgid2class = ht; + mutex_unlock(migscs_load_lock); + hashtab_destroy(oht); + return (0); +} + +void +sebsd_mach_av_init(void) +{ + size_t tsize; + int *tdata; + + migscs_load_lock = mutex_alloc(ETAP_NO_TRACE); + + if (!preload_find_data ("sebsd_migscs", &tsize, &tdata) || + sebsd_load_migscs(tdata, tsize) != 0) { + msgid2class = hashtab_create(msgid_hash, msgid_cmp, 3); + return; + } } + int sebsd_check_ipc_method1(int subj, int obj, int msgid) {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200602092025.k19KPF79031512>